deps(deps): bump the minor-updates group across 1 directory with 23 updates

[dependabot]

Bumps the minor-updates group with 23 updates in the / directory:

Package	From	To
@cloudflare/containers	0.3.2	0.3.3
@lucide/svelte	1.8.0	1.14.0
agents	0.11.4	0.12.3
alchemy	0.91.2	0.93.7
better-auth	1.6.5	1.6.10
effect	3.21.1	3.21.2
hono	4.12.14	4.12.18
zod	4.3.6	4.4.3
@cloudflare/vitest-pool-workers	0.14.7	0.16.3
@cloudflare/workers-types	4.20260418.1	4.20260511.1
@sveltejs/kit	2.57.1	2.59.1
@sveltejs/vite-plugin-svelte	7.0.0	7.1.2
@tailwindcss/vite	4.2.2	4.3.0
@types/node	25.6.0	25.6.2
bits-ui	2.18.0	2.18.1
svelte	5.55.4	5.55.5
svelte-check	4.4.6	4.4.8
svelte-sonner	1.1.0	1.1.1
tailwind-merge	3.5.0	3.6.0
tailwindcss	4.2.2	4.3.0
vite	8.0.8	8.0.12
vitest	4.1.4	4.1.5
wrangler	4.83.0	4.90.0

Updates @cloudflare/containers from 0.3.2 to 0.3.3

Release notes

Sourced from @​cloudflare/containers's releases.

v0.3.3

Patch Changes

• 7901d0b: Attach custom labels to your containers to help with observability and attribution. Set a labels property on your Container subclass, or pass labels in the startOptions argument to start() / startAndWaitForPorts(), and tag containers by tenant, environment, feature flag, canary cohort, or any other dimension you want to track. In local development, labels are visible on the underlying Docker container via docker inspect.

  class MyContainer extends Container {
    labels = { tenant: 'acme', env: 'prod' };
  }

Changelog

Sourced from @​cloudflare/containers's changelog.

0.3.3

Patch Changes

• 7901d0b: Attach custom labels to your containers to help with observability and attribution. Set a labels property on your Container subclass, or pass labels in the startOptions argument to start() / startAndWaitForPorts(), and tag containers by tenant, environment, feature flag, canary cohort, or any other dimension you want to track. In local development, labels are visible on the underlying Docker container via docker inspect.

  class MyContainer extends Container {
    labels = { tenant: 'acme', env: 'prod' };
  }

Commits

• 805ad73 Merge pull request #187 from cloudflare/changeset-release/main
• 9e98721 Version Packages
• 7901d0b containers: Add labels support to start options
• See full diff in compare view

Updates @lucide/svelte from 1.8.0 to 1.14.0

Release notes

Sourced from @​lucide/svelte's releases.

Version 1.14.0

What's Changed

• feat(icons): added repeat-off icon by @​jguddas in lucide-icons/lucide#3102

Full Changelog: lucide-icons/lucide@1.13.0...1.14.0

Version 1.13.0

What's Changed

• fix(docs): sync URL params with UI state on categories page by @​taimar in lucide-icons/lucide#4111
• feat(icons): add waves-vertical icon by @​jamiemlaw in lucide-icons/lucide#3867

Full Changelog: lucide-icons/lucide@1.12.0...1.13.0

Version 1.12.0

What's Changed

• feat(icon): add folder-bookmark icon by @​swastik7805 in lucide-icons/lucide#4262
• docs(readme): Update readme files by @​ericfennis in lucide-icons/lucide#4320
• feat(icons): added astroid icon by @​whoisBugsbunny in lucide-icons/lucide#4217

Full Changelog: lucide-icons/lucide@1.10.0...1.12.0

Version 1.11.0

What's Changed

• docs: add missing period to TypeScript Support description by @​jglu in lucide-icons/lucide#4309
• fix(@​lucide/svelte): proper doc comments for svelte components by @​blt-r in lucide-icons/lucide#4267
• chore(deps): bump svgo from 3.3.2 to 3.3.3 by @​dependabot[bot] in lucide-icons/lucide#4119
• chore(deps-dev): bump astro from 6.0.8 to 6.1.6 by @​dependabot[bot] in lucide-icons/lucide#4310
• feat(icons): add power and quick tags to zap and zap-off by @​swastik7805 in lucide-icons/lucide#4268
• test(build-font): added comprehensive unit tests on build-font tool by @​karsa-mistmere in lucide-icons/lucide#4315
• feat(docs): blur background of framework-select by @​Spleefies in lucide-icons/lucide#4238
• feat(icon): add heart-x icon by @​swastik7805 in lucide-icons/lucide#4264
• fix(icons): optimised rotate-3d icon by @​jamiemlaw in lucide-icons/lucide#4299
• feat(icons): added layers-minus icon by @​Spleefies in lucide-icons/lucide#4005
• feat(icons): added bell-check icon by @​pettelau in lucide-icons/lucide#4152

New Contributors

• @​jglu made their first contribution in lucide-icons/lucide#4309
• @​pettelau made their first contribution in lucide-icons/lucide#4152

Full Changelog: lucide-icons/lucide@1.9.0...1.11.0

Version 1.10.0

What's Changed

• docs: add missing period to TypeScript Support description by @​jglu in lucide-icons/lucide#4309
• fix(@​lucide/svelte): proper doc comments for svelte components by @​blt-r in lucide-icons/lucide#4267
• chore(deps): bump svgo from 3.3.2 to 3.3.3 by @​dependabot[bot] in lucide-icons/lucide#4119
• chore(deps-dev): bump astro from 6.0.8 to 6.1.6 by @​dependabot[bot] in lucide-icons/lucide#4310

... (truncated)

Commits

• 50d8af5 docs(readme): Update readme files (#4320)
• fe0bd9b fix(@​lucide/svelte): proper doc comments for svelte components (#4267)
• See full diff in compare view

Updates agents from 0.11.4 to 0.12.3

Release notes

Sourced from agents's releases.

agents@0.12.3

Patch Changes

• #1451 48b29ba Thanks @​threepointone! - Fix typed call and stub support for streaming callable methods.

agents@0.12.2

Patch Changes

• 2fffa02 Thanks @​threepointone! - Raise the minimum internal peer dependency versions for Agents chat packages so agents, @cloudflare/ai-chat, and @cloudflare/think require versions at least as recent as the current repo packages.

agents@0.12.1

Patch Changes

• #1443 e7d225b Thanks @​threepointone! - Fix sub-agent WebSockets on deployed Workers by keeping the browser WebSocket owned by the parent Agent and forwarding connect/message/close events to child facets over RPC.

  Fix resumed chat streams so a partially hydrated assistant response is rebuilt from replay chunks instead of rendering replayed text as a second assistant text part.

  Fix a resume ACK race where drill-in chat connections could miss the terminal stream frame if the helper completed between the resume notification and client acknowledgement.

agents@0.12.0

Minor Changes

• #1421 1b65ff5 Thanks @​threepointone! - Add agent tool orchestration for running Think and AIChatAgent sub-agents as retained, streaming tools from a parent agent. The new surface includes runAgentTool, agentTool, parent-side run replay and cleanup, Think and AIChatAgent child adapter support, and headless React/client event state helpers.

Patch Changes

• #1418 8de0ce3 Thanks @​threepointone! - Allow sub-agents to use alarm-backed APIs by delegating the physical Durable Object alarm to the top-level parent while executing logical work inside the owning sub-agent. This enables schedule(), scheduleEvery(), cancelSchedule(), getScheduleById(), listSchedules(), keepAlive(), keepAliveWhile(), runFiber(), and Think chat recovery inside sub-agents.

  Sub-agent schedules are scoped to the calling child, so sibling sub-agents cannot cancel each other's schedules by id. The deprecated synchronous getSchedule() and getSchedules() APIs now throw inside sub-agents; use the async alternatives instead. Destroying a sub-agent now delegates cleanup through the parent so parent-owned schedules and descendant fiber recovery leases are removed consistently.

• #1425 6471cbd Thanks @​threepointone! - Clear request, WebSocket, and email native context handles when switching Agent instances and suppress protocol broadcasts during sub-agent facet bootstrap.

agents@0.11.9

Patch Changes

• #1412 8fb7c03 Thanks @​threepointone! - Make applyChunkToParts idempotent against an existing tool part with the same toolCallId, and add isReplayChunk(parts, chunk) for stream broadcasters that want to drop provider replay chunks (#1404).

  Some providers (notably the OpenAI Responses API) re-emit a prior tool call in continuation streams. The previous tool-input-start handler unconditionally pushed a fresh tool part, which produced duplicate parts in the message; tool-input-delta and tool-input-available overwrote a fully resolved input/state if a chunk happened to arrive for an already-known toolCallId. The new behavior:

  • tool-input-start for a toolCallId that already exists in parts is a no-op (it does not push a duplicate or regress state).
  • tool-input-delta only mutates input while the existing part is still input-streaming.
  • tool-input-available only advances from input-streaming to input-available; replays against parts that have already moved past input-streaming (including approval-requested/approval-responded and any terminal state) are no-ops.

  isReplayChunk(parts, chunk) is exported from agents/chat for stream broadcasters (e.g. AIChatAgent._streamSSEReply) that want to detect "this chunk is a replay of an already-known tool call" and skip re-broadcasting it. AI SDK v6's updateToolPart on the client mutates an existing tool part in place when the toolCallId matches, so re-broadcasting these replay chunks would visibly regress an output-available part to input-streaming on connected clients. tool-output-available is not treated as a replay because its in-place update is safe when the output already matches.

  Tool calls that the model genuinely wants to re-issue always carry a new toolCallId, so an existing match is never a legitimate "start over".

... (truncated)

Changelog

Sourced from agents's changelog.

0.12.3

Patch Changes

• #1451 48b29ba Thanks @​threepointone! - Fix typed call and stub support for streaming callable methods.

0.12.2

Patch Changes

• 2fffa02 Thanks @​threepointone! - Raise the minimum internal peer dependency versions for Agents chat packages so agents, @cloudflare/ai-chat, and @cloudflare/think require versions at least as recent as the current repo packages.

0.12.1

Patch Changes

• #1443 e7d225b Thanks @​threepointone! - Fix sub-agent WebSockets on deployed Workers by keeping the browser WebSocket owned by the parent Agent and forwarding connect/message/close events to child facets over RPC.

  Fix resumed chat streams so a partially hydrated assistant response is rebuilt from replay chunks instead of rendering replayed text as a second assistant text part.

  Fix a resume ACK race where drill-in chat connections could miss the terminal stream frame if the helper completed between the resume notification and client acknowledgement.

0.12.0

Minor Changes

• #1421 1b65ff5 Thanks @​threepointone! - Add agent tool orchestration for running Think and AIChatAgent sub-agents as retained, streaming tools from a parent agent. The new surface includes runAgentTool, agentTool, parent-side run replay and cleanup, Think and AIChatAgent child adapter support, and headless React/client event state helpers.

Patch Changes

• #1418 8de0ce3 Thanks @​threepointone! - Allow sub-agents to use alarm-backed APIs by delegating the physical Durable Object alarm to the top-level parent while executing logical work inside the owning sub-agent. This enables schedule(), scheduleEvery(), cancelSchedule(), getScheduleById(), listSchedules(), keepAlive(), keepAliveWhile(), runFiber(), and Think chat recovery inside sub-agents.

  Sub-agent schedules are scoped to the calling child, so sibling sub-agents cannot cancel each other's schedules by id. The deprecated synchronous getSchedule() and getSchedules() APIs now throw inside sub-agents; use the async alternatives instead. Destroying a sub-agent now delegates cleanup through the parent so parent-owned schedules and descendant fiber recovery leases are removed consistently.

• #1425 6471cbd Thanks @​threepointone! - Clear request, WebSocket, and email native context handles when switching Agent instances and suppress protocol broadcasts during sub-agent facet bootstrap.

0.11.9

Patch Changes

• #1412 8fb7c03 Thanks @​threepointone! - Make applyChunkToParts idempotent against an existing tool part with the same toolCallId, and add isReplayChunk(parts, chunk) for stream broadcasters that want to drop provider replay chunks (#1404).

  Some providers (notably the OpenAI Responses API) re-emit a prior tool call in continuation streams. The previous tool-input-start handler unconditionally pushed a fresh tool part, which produced duplicate parts in the message; tool-input-delta and tool-input-available overwrote a fully resolved input/state if a chunk happened to arrive for an already-known toolCallId. The new behavior:

  • tool-input-start for a toolCallId that already exists in parts is a no-op (it does not push a duplicate or regress state).
  • tool-input-delta only mutates input while the existing part is still input-streaming.

... (truncated)

Commits

• b1523e8 Version Packages (#1452)
• 48b29ba Fix streaming callable client types (#1451)
• a25b535 Version Packages (#1444)
• 2fffa02 update deps
• aef678f Version Packages (#1438)
• e7d225b Fix sub-agent WebSocket forwarding (#1443)
• cdf203a Add identification check inside waitFor
• 6d67c7b Update deps, add playground demos, a11y fixes
• bde99ae Version Packages (#1419)
• 6471cbd Fix sub-agent bootstrap from WebSocket messages (#1425)
• Additional commits viewable in compare view

Updates alchemy from 0.91.2 to 0.93.7

Release notes

Sourced from alchemy's releases.

v0.93.7

   🚀 Features

• cli: Add alchemy state commands (tree, list, get)  -  by @​sam-goodwin in alchemy-run/alchemy#1400 (ec7be)
• cloudflare: Add Zero Trust Access resources  -  by @​G4brym in alchemy-run/alchemy#1399 (e0ad2)

    View changes on GitHub

v0.93.6

No significant changes

    View changes on GitHub

v0.93.5

   🐞 Bug Fixes

• cloudflare: Use container ingress interceptor image  -  by @​john-royal in alchemy-run/alchemy#1398 (e7d68)

    View changes on GitHub

v0.93.4

   🚀 Features

• cloudflare: Enable local explorer  -  by @​john-royal in alchemy-run/alchemy#1397 (b474e)

    View changes on GitHub

v0.93.3

   🐞 Bug Fixes

• cloudflare: Upgrade miniflare/wrangler and move to deps  -  by @​sam-goodwin and John Royal in alchemy-run/alchemy#1396 (74663)

    View changes on GitHub

v0.93.2

   🐞 Bug Fixes

• cloudflare: Auto-allow trycloudflare hosts in vite when dev.tunnel is set  -  by @​yan-vikng-dev in alchemy-run/alchemy#1395 (5fc92)

    View changes on GitHub

v0.93.1

   🚀 Features

• cloudflare: Support overrideExistingOrigin on CustomDomain  -  by @​nshen in alchemy-run/alchemy#1384 (95294)

   🐞 Bug Fixes

• cloudflare:
  • Wire dev.tunnel through Vite/Website spawn path  -  by @​yan-vikng-dev and @​sam-goodwin in alchemy-run/alchemy#1394 (9e6ee)

... (truncated)

Changelog

Sourced from alchemy's changelog.

v0.93.7

   🚀 Features

• cli: Add alchemy state commands (tree, list, get)  -  by sam in alchemy-run/alchemy#1400 (ec7be)
• cloudflare: Add Zero Trust Access resources  -  by Gabriel Massadas in alchemy-run/alchemy#1399 (e0ad2)

    View changes on GitHub

---

v0.93.6

No significant changes

    View changes on GitHub

---

v0.93.5

   🐞 Bug Fixes

• cloudflare: Use container ingress interceptor image  -  by John Royal in alchemy-run/alchemy#1398 (e7d68)

    View changes on GitHub

---

v0.93.4

   🚀 Features

• cloudflare: Enable local explorer  -  by John Royal in alchemy-run/alchemy#1397 (b474e)

    View changes on GitHub

---

v0.93.3

   🐞 Bug Fixes

• cloudflare: Upgrade miniflare/wrangler and move to deps  -  by sam and John Royal in alchemy-run/alchemy#1396 (74663)

    View changes on GitHub

---

v0.93.2

... (truncated)

Commits

• da615c6 chore(release): 0.93.7
• ec7be73 feat(cli): add alchemy state commands (tree, list, get) (#1400)
• e0ad23f feat(cloudflare): add Zero Trust Access resources (#1399)
• 817c99a chore(release): 0.93.6
• c9f5e54 chore(release): 0.93.5
• e7d6800 fix(cloudflare): use container ingress interceptor image (#1398)
• 62866a2 chore(release): 0.93.4
• b474e17 feat(cloudflare): enable local explorer (#1397)
• eef470c chore(release): 0.93.3
• 746639e fix(cloudflare): upgrade miniflare/wrangler and move to deps (#1396)
• Additional commits viewable in compare view

Updates better-auth from 1.6.5 to 1.6.10

Release notes

Sourced from better-auth's releases.

v1.6.10

better-auth

Bug Fixes

• Exposed refreshUserSessions on the internal adapter (#7764)
• Fixed organization invitation roles to accept dynamic access control roles (#9437)
• Improved link accessibility (#9521)
• Fixed incorrect email casing in one-tap, email-otp, and email-verification flows (#9369)
• Fixed OpenAPI schema for POST /sign-in/social mis-declaring required fields (#9268)
• Added a warning when the cookie plugin is placed last in the plugins array (#9484)
• Fixed useSession not revalidating after admin impersonation starts or stops (#9402)
• Fixed duplicate Set-Cookie headers being emitted on redirect responses from social sign-in and magic-link endpoints (#9497)
• Fixed the bearer plugin writing duplicate cookie entries when merging the session token into request headers (#9387)
• Fixed captcha plugin breaking the email-otp flow (#8339)
• Fixed email enumeration protection not applying when emailAndPassword.autoSignIn is false (#8839)
• Fixed a TypeError caused by non-ASCII characters in OAuth error descriptions on redirect (#9065)
• Renamed internalAdapter.deleteAccount parameter from accountId to id to reflect that it queries by primary key (#9503)
• Fixed OAuth callbacks accepting a missing provider account ID, which could link accounts under an undefined id (#9456)
• Fixed cancelPendingInvitationsOnReInvite having no effect, where re-inviting the same email always returned USER_IS_ALREADY_INVITED_TO_THIS_ORGANIZATION (#9453)
• Fixed a TS2742 type error caused by missing re-exports when using additionalFields in the organization plugin (#9349)
• Fixed useActiveMemberRole retaining a previous user's role after sign-out in SPA flows (#9440)
• Fixed setActiveTeam to only accept teams from the currently active organization (#9239)
• Added authClient.siwe.getNonce() as a compatibility alias for the SIWE nonce endpoint (#9461)
• Fixed callbackURL being ignored on signIn.username, so it now redirects correctly like signIn.email (#9475)

For detailed changes, see CHANGELOG

@better-auth/oauth-provider

Bug Fixes

• Fixed sessionId typing in refresh token types to be optional, matching the schema (#9324)
• Fixed stale prompt=login consent continuations not completing after a forced login
• Exported OAuth provider helper types needed for portable downstream TypeScript declaration emit (#9406)
• Fixed prompt=login not being honored after consent continuation, preventing session bypass (#9344)
• Added database indexes to OAuth provider foreign-key fields in generated schemas (#9389)

For detailed changes, see CHANGELOG

@better-auth/stripe

Bug Fixes

• Fixed onSubscriptionUpdate to receive the raw stripeSubscription object, and fixed onSubscriptionCancel to receive the post-update subscription row instead of a stale snapshot (#9354)
• Fixed getCheckoutSessionParams overriding internally managed Stripe Checkout Session fields such as success_url, cancel_url, customer, and line_items (#9481)
• Fixed onSubscriptionDeleted, onTrialEnd, and onTrialExpired receiving a stale pre-update subscription snapshot instead of the post-update row (#9356)
• Fixed getCheckoutSessionParams overriding free trial and internal metadata, which could hide trial periods and create duplicate subscription rows on webhook (#9474)
• Renamed internal subscription webhook variables for clarity (#9355)

... (truncated)

Changelog

Sourced from better-auth's changelog.

1.6.10

Patch Changes

• #8339 1e0f26d Thanks @​ping-maxwell! - fix(captcha): breaks email-otp flow

• #9484 8c1e917 Thanks @​ping-maxwell! - fix: warn for cookie-plugin being last in array

• #9437 b2d655c Thanks @​cyphercodes! - Allow organization invitation role input types to accept dynamic access control roles.

• #9497 09f1327 Thanks @​bytaesu! - Endpoints that set cookies before redirecting (such as social sign-in callbacks and magic-link verification) no longer emit each Set-Cookie entry twice on the response.

• #9387 906b7b3 Thanks @​bytaesu! - The bearer plugin now produces a single entry per cookie name when merging its session token into the request Cookie header. Previously the merged header could carry two entries for the same name if the request already had a stale session cookie, which would surface to downstream code that picks the first occurrence.

• #9475 e9c978e Thanks @​jaydeep-pipaliya! - fix(username): respect callbackURL on /sign-in/username

  The endpoint accepted a callbackURL body field but ignored it, so authClient.signIn.username({ ..., callbackURL }) silently did nothing while authClient.signIn.email redirected as expected. The handler now sets a Location header when callbackURL is provided and returns { redirect, url } alongside token/user, matching the email flow.

• #9440 e71aad3 Thanks @​cyphercodes! - Clear organization active hook state after sign-out so useActiveMemberRole does not retain a previous user's role in SPA sign-out/sign-in flows.

• #9402 80a655d Thanks @​onmax! - Revalidate the client session after admin impersonation starts or stops.

• #9503 15ff28a Thanks @​bytaesu! - internalAdapter.deleteAccount parameter renamed from accountId to id to reflect that it queries by primary key, not the accountId column. No runtime behavior change.

• #9268 88a7c67 Thanks @​ping-maxwell! - fix: openAPI schema for POST /sign-in/social mis-declares required fields

• #8839 9a7b51d Thanks @​dipan-ck! - Apply email enumeration protection when emailAndPassword.autoSignIn is false. Duplicate sign-ups now return a synthetic user (token: null) and trigger onExistingUserSignUp, and new sign-ups skip auto sign-in (token: null)—even without requireEmailVerification, aligning with the docs.

• #9065 1b25902 Thanks @​ping-maxwell! - non-ASCII error_description in generic-oauth callback routes causes TypeError on redirect

• #9349 cf59136 Thanks @​ping-maxwell! - fix(organization): re-export field types to prevent TS2742 with additionalFields

• #9453 a597ee0 Thanks @​mausic! - The organization plugin's cancelPendingInvitationsOnReInvite option now actually cancels the prior pending invitation when re-inviting the same email. Previously the option had no effect — re-inviting always failed with USER_IS_ALREADY_INVITED_TO_THIS_ORGANIZATION

• #9456 fc02ced Thanks @​cyphercodes! - Reject OAuth callbacks when provider user info omits the account id to avoid linking accounts under the literal undefined id.

• #9461 9f1ef1f Thanks @​cyphercodes! - Expose authClient.siwe.getNonce() as a compatibility alias for the SIWE nonce endpoint.

• #9369 36ef808 Thanks @​ping-maxwell! - fix: incorrect email casing across one-tap, email-otp & email-verification

... (truncated)

Commits

• cbb5014 chore: release v1.6.10 (#9350)
• 09f1327 fix(api): prevent duplicate set-cookie on redirect (#9497)
• 15ff28a fix(internal-adapter): rename deleteAccount param from accountId to id (#...
• fde0432 fix: improve link accessibility issues (#9521)
• cf59136 fix(organization): re-export field types to prevent TS2742 with additionalFie...
• 8c1e917 fix: warn for cookie-plugin being last in array (#9484)
• 3a9a2c3 chore: expose refreshUserSessions on internal adapter (#7764)
• e9c978e fix(username): respect callbackURL on sign-in (#9475)
• 36ef808 fix: incorrect email casing across one-tap, email-otp & email-verification (#...
• 9a7b51d fix(credential): apply enumeration protection when autoSignIn is false (#8839)
• Additional commits viewable in compare view

Updates effect from 3.21.1 to 3.21.2

Release notes

Sourced from effect's releases.

effect@3.21.2

Patch Changes

• #6194 74f3267 Thanks @​mikearnaldi! - Fix TestClock.unsafeCurrentTimeNanos() to floor fractional millisecond instants before converting them to BigInt.

Changelog

Sourced from effect's changelog.

3.21.2

Patch Changes

• #6194 74f3267 Thanks @​mikearnaldi! - Fix TestClock.unsafeCurrentTimeNanos() to floor fractional millisecond instants before converting them to BigInt.

Commits

• 39c934c Version Packages (#6195)
• 74f3267 fix: floor TestClock nanoseconds before BigInt conversion (#6194)
• See full diff in compare view

Updates hono from 4.12.14 to 4.12.18

Release notes

Sourced from hono's releases.

v4.12.18

Security fixes

This release includes fixes for the following security issues:

Cache Middleware ignores Vary: Authorization / Vary: Cookie leading to cross-user cache leakage

Affects: Cache Middleware. Fixes missing cache-skip handling for Vary: Authorization and Vary: Cookie, where a response cached for one authenticated user could be served to other users. GHSA-p77w-8qqv-26rm

CSS Declaration Injection via Style Object Values in JSX SSR

Affects: hono/jsx. Fixes a missing CSS-context escape for style object values and property names, where untrusted input could inject additional CSS declarations. The impact is limited to CSS and does not allow JavaScript execution. GHSA-qp7p-654g-cw7p

Improper validation of NumericDate claims (exp, nbf, iat) in JWT verify()

Affects: hono/utils/jwt. Fixes improper validation of exp, nbf, and iat claims, where falsy, non-finite, or non-numeric values could silently bypass time-based checks instead of being rejected per RFC 7519. GHSA-hm8q-7f3q-5f36

---

Users who use the JWT helper, hono/jsx, or the Cache middleware are strongly encouraged to upgrade to this version.

v4.12.17

What's Changed

• fix(jsx): normalize SVG attributes on the root element by @​kfly8 in honojs/hono#4893
• fix(ssg): add atom+xml and rss+xml to defaultExtensionMap by @​yuintei in honojs/hono#4899
• fix(cors): make origin optional in CORSOptions by @​truffle-dev in honojs/hono#4905
• fix(types): propagate middleware response types to app.on overloads by @​T4ko0522 in honojs/hono#4906

New Contributors

• @​kfly8 made their first contribution in honojs/hono#4893
• @​truffle-dev made their first contribution in honojs/hono#4905

Full Changelog: honojs/hono@v4.12.16...v4.12.17

v4.12.16

Security fixes

This release includes fixes for the following security issues:

Unvalidated JSX Tag Names in hono/jsx May Allow HTML Injection

Affects: hono/jsx. Fixes missing validation of JSX tag names when using jsx() or createElement(), which could allow HTML injection if untrusted input is used as the tag name. GHSA-69xw-7hcm-h432

bodyLimit() can be bypassed for chunked / unknown-length requests

Affects: Body Limit Middleware. Fixes late enforcement for request bodies without a reliable Content-Length (e.g. chunked requests), where oversized requests could reach handlers and return successful responses before being rejected. GHSA-9vqf-7f2p-gf9v

v4.12.15

What's Changed

• fix(jwt): support single-line PEM keys by @​hiendv in honojs/hono#4889

... (truncated)

Commits

• f10dee8 4.12.18
• a5bd9eb Merge commit from fork
• 58d3d3a Merge commit from fork
• 568c2ec Merge commit from fork
• ff2b3d3 4.12.17
• 52aaaf9 fix(types): propagate middleware response types to app.on overloads (#4906)
• 76d5589 fix(cors): make origin optional in CORSOptions (#4905)
• 8f027e5 fix(ssg): add atom+xml and rss+xml to defaultExtensionMap (#4899)
• bfba97c fix(jsx): normalize SVG attributes on the <svg> root element (#4893)
• 90d4182 4.12.16
• Additional commits viewable in compare view

Updates zod from 4.3.6 to 4.4.3

Release notes

Sourced from zod's releases.

v4.4.3

Commits:

• 4c2fa95ce3f3390fbc522324e406b4e9e89b88f9 docs: use Zernio primary wordmark for gold sponsor logo
• 2aeec83eb135e3a83756e973ef44845fc5a455d2 docs: prune lapsed gold sponsors and rebalance logo sizing
• 7391be88ac1ee5cd02057f5ccc012a1f5df4efd0 docs: prune lapsed silver/bronze sponsors and add active ones
• 2c703322a21b4e2b12f33f49ea8430c451a68b4f docs: normalize bronze sponsor logos to github avatar pattern
• 9195250cab0e7950efe39c3926d6c203b4b0a170 docs: remove Mintlify from bronze sponsors (churned)
• b8dffe9e62f17e6571e6249d05cc5102b54d94e4 docs: remove Numeric and Speakeasy (2+ missed monthly cycles)
• 1cab69383fcdeae2a366d5e2a2fc4d8fc765d168 fix(v4): restore catch handling for absent object keys (#5937) (#5939)
• c2be4f819064eed62c7c350a2d399b5faecd15f8 fix(v4): generalize optin/fallback to transform; restore prepro...

  Description has been truncated